$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/485C95EAB969D6A48B4E079F7EAF2F1A43D576E5.cer File: 485C95EAB969D6A48B4E079F7EAF2F1A43D576E5.cer (raw, json) Hash identifier: 2CODDLa+o0Ei+R0peZc/vFtJQH5Ig8ifylFunAXGJ38= Subject key identifier: 48:5C:95:EA:B9:69:D6:A4:8B:4E:07:9F:7E:AF:2F:1A:43:D5:76:E5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 537186EA681137D19A683AB3A300E7529DD5C18F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/23ba024b-87f2-4edd-89ff-a4fca7008c36/0/485C95EAB969D6A48B4E079F7EAF2F1A43D576E5.mft caRepository: rsync://rpki-rsync.idnic.net/repo/23ba024b-87f2-4edd-89ff-a4fca7008c36/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:03:22 +0000 Certificate not after: Sun 02 May 2027 00:08:22 +0000 Subordinate resources: IP: 103.162.35.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:71:86:ea:68:11:37:d1:9a:68:3a:b3:a3:00:e7:52:9d:d5:c1:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:03:22 2026 GMT Not After : May 2 00:08:22 2027 GMT Subject: CN=485C95EAB969D6A48B4E079F7EAF2F1A43D576E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:18:80:21:96:25:73:6d:be:c0:16:ea:38:d5: c8:35:da:a9:70:5f:ed:30:c0:eb:74:0b:1e:47:e0: 95:4f:66:bb:88:7e:cf:5a:d0:c8:a0:61:75:f7:7f: aa:99:a9:fa:12:1e:02:14:50:ad:5c:78:aa:f9:d0: d2:85:68:8e:af:40:14:09:5e:12:54:43:54:9b:9d: 2c:12:b2:95:96:76:09:88:61:c0:ac:13:6c:23:b7: e8:5e:97:76:3c:2b:9d:41:ba:ee:2b:b7:a1:e6:43: e6:f0:6f:a1:89:f5:ef:23:11:5e:7f:a0:21:84:b3: aa:9d:90:18:23:de:77:f8:a4:dd:86:12:fb:a4:18: 03:98:49:b6:16:3a:e4:e7:10:f6:1b:74:56:a8:f4: 15:b5:dd:94:c9:8a:6d:23:ff:71:04:c6:2b:d8:08: d5:9e:36:b5:49:d2:73:dc:c4:09:97:50:34:0e:28: 33:5b:68:3d:02:01:fe:0f:a8:88:1b:61:fd:b3:ea: 6a:84:6a:f3:9a:64:4b:f8:4b:70:2e:e0:86:db:61: 38:dd:97:bd:86:00:8f:01:37:89:0c:59:06:d0:e7: 1c:f4:12:dc:c5:2a:c7:26:a6:43:a9:98:1f:f3:ad: d3:0c:8f:79:14:7f:94:d1:58:2c:5c:71:47:cc:e8: 2a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 48:5C:95:EA:B9:69:D6:A4:8B:4E:07:9F:7E:AF:2F:1A:43:D5:76:E5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/23ba024b-87f2-4edd-89ff-a4fca7008c36/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/23ba024b-87f2-4edd-89ff-a4fca7008c36/0/485C95EAB969D6A48B4E079F7EAF2F1A43D576E5.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.162.35.0/24 Signature Algorithm: sha256WithRSAEncryption 30:d4:50:71:b2:eb:6f:b4:90:6c:cd:68:fe:d3:ae:a4:11:56: 05:02:5f:8d:4b:a4:db:59:4b:da:85:0b:98:e4:ee:a5:ee:51: e8:3f:fc:62:0f:c6:8e:ab:2f:83:a2:54:32:26:e2:9a:2c:02: 9d:c8:23:7e:01:bd:f4:07:ce:7f:96:62:90:e1:dd:11:10:ee: f3:9a:3e:b0:5d:44:ec:8e:8c:09:1a:ff:e3:ea:80:43:13:ec: 4d:4b:37:a2:26:fe:ae:00:96:0e:38:0d:db:56:d4:8b:28:23: 45:32:ca:d6:ef:57:22:ae:65:dd:be:17:76:1a:a5:fe:2a:60: 69:8c:b4:88:f0:d3:79:66:bd:a1:81:ec:a7:d5:4a:f0:1a:81: f3:e5:bb:9b:ee:6d:b9:86:a6:1a:ab:e0:c8:e7:e3:cc:60:b7: 3a:40:a9:fd:4e:de:9a:1a:78:cb:e7:e1:df:b1:1a:cd:bf:06: cf:16:1d:a1:7b:99:55:c9:5a:93:cf:58:a6:84:65:1d:cb:aa: 7d:35:87:e1:38:0d:b0:e5:04:4f:8c:81:e7:c1:13:76:26:0e: 12:43:cc:f5:7b:d8:0f:52:49:1a:94:e3:42:cc:ba:33:76:6b: 1f:c5:11:3a:a9:51:5a:4b:6f:6f:ba:73:0f:a6:56:96:9c:79: 59:08:ea:d3 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUU3GG6mgRN9GaaDqzowDnUp3VwY8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDMyMloX DTI3MDUwMjAwMDgyMlowMzExMC8GA1UEAxMoNDg1Qzk1RUFCOTY5RDZBNDhCNEUw NzlGN0VBRjJGMUE0M0Q1NzZFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsYgCGWJXNtvsAW6jjVyDXaqXBf7TDA63QLHkfglU9mu4h+z1rQyKBhdfd/ qpmp+hIeAhRQrVx4qvnQ0oVojq9AFAleElRDVJudLBKylZZ2CYhhwKwTbCO36F6X djwrnUG67iu3oeZD5vBvoYn17yMRXn+gIYSzqp2QGCPed/ik3YYS+6QYA5hJthY6 5OcQ9ht0Vqj0FbXdlMmKbSP/cQTGK9gI1Z42tUnSc9zECZdQNA4oM1toPQIB/g+o iBth/bPqaoRq85pkS/hLcC7ghtthON2XvYYAjwE3iQxZBtDnHPQS3MUqxyamQ6mY H/Ot0wyPeRR/lNFYLFxxR8zoKlkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEhcleq5adaki04Hn36vLxpD1XblMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzIzYmEwMjRiLTg3ZjItNGVkZC04OWZmLWE0ZmNhNzAwOGMzNi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yM2JhMDI0 Yi04N2YyLTRlZGQtODlmZi1hNGZjYTcwMDhjMzYvMC80ODVDOTVFQUI5NjlENkE0 OEI0RTA3OUY3RUFGMkYxQTQzRDU3NkU1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ6IjMA0GCSqGSIb3DQEBCwUAA4IBAQAw1FBxsutvtJBszWj+066kEVYFAl+N S6TbWUvahQuY5O6l7lHoP/xiD8aOqy+DolQyJuKaLAKdyCN+Ab30B85/lmKQ4d0R EO7zmj6wXUTsjowJGv/j6oBDE+xNSzeiJv6uAJYOOA3bVtSLKCNFMsrW71cirmXd vhd2GqX+KmBpjLSI8NN5Zr2hgeyn1UrwGoHz5bub7m25hqYaq+DI5+PMYLc6QKn9 Tt6aGnjL5+HfsRrNvwbPFh2he5lVyVqTz1imhGUdy6p9NYfhOA2w5QRPjIHnwRN2 Jg4SQ8z1e9gPUkkalONCzLozdmsfxRE6qVFaS29vunMPplaWnHlZCOrT -----END CERTIFICATE-----Generated at Tue May 12 22:16:23 2026 by rpki-client